package com.baidu.dueros.certificate;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/baidu/dueros/certificate/Certificate.class */
public class Certificate {
    private String signature;
    private String signaturecerturl;
    private String message;
    private static final String DOMAIN = "duer.bdstatic.com";

    public Certificate(String str, String str2, String str3) {
        this.signature = str;
        this.signaturecerturl = str2;
        this.message = str3;
    }

    public Certificate(HttpServletRequest httpServletRequest) {
        try {
            HashMap hashMap = new HashMap();
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            while (headerNames.hasMoreElements()) {
                String str = (String) headerNames.nextElement();
                hashMap.put(str, httpServletRequest.getHeader(str));
            }
            String str2 = (String) hashMap.get("signature");
            String str3 = (String) hashMap.get("signaturecerturl");
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader((InputStream) httpServletRequest.getInputStream(), "utf-8"));
            StringBuffer stringBuffer = new StringBuffer("");
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    String stringBuffer2 = stringBuffer.toString();
                    this.signature = str2;
                    this.signaturecerturl = str3;
                    this.message = stringBuffer2;
                    return;
                }
                stringBuffer.append(readLine);
            }
        } catch (IOException e) {
        }
    }

    private static boolean verify(String str, String str2, PublicKey publicKey) {
        try {
            Signature signature = Signature.getInstance("SHA1WithRSA");
            signature.initVerify(publicKey);
            signature.update(str.getBytes("UTF-8"));
            return signature.verify(Base64.decodeBase64(str2.getBytes("UTF-8")));
        } catch (Exception e) {
            return false;
        }
    }

    public static boolean verify(ConcurrentHashMap<String, PublicKey> concurrentHashMap, Certificate certificate) {
        if (concurrentHashMap == null) {
            return false;
        }
        return verify(certificate.getMessage(), certificate.getSignature(), concurrentHashMap.get(certificate.getSignaturecerturl()));
    }

    public static PublicKey getPublicKeyFromUrl(String str) {
        if (!isBaiduDomain(str)) {
            return null;
        }
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
            httpURLConnection.setConnectTimeout(3000);
            return ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(httpURLConnection.getInputStream())).getPublicKey();
        } catch (Exception e) {
            return null;
        }
    }

    private static boolean isBaiduDomain(String str) {
        try {
            URL url = new URL(str);
            if ("https".equals(url.getProtocol().toLowerCase())) {
                return DOMAIN.equals(url.getHost());
            }
            return false;
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public String getSignature() {
        return this.signature;
    }

    public String getSignaturecerturl() {
        return this.signaturecerturl;
    }

    public String getMessage() {
        return this.message;
    }
}
